New submission from Christian Heimes:
I'm doing some testing with old versions of OpenSSL. Some versions like 0.9.8i
from 15 Sep 2008 ignore seconds in notAfter field:
./python -m test test_ssl test_hashlib
[1/2] test_ssl
test test_ssl failed -- Traceback (most recent call last):
File "/home/heimes/dev/python/cpython/Lib/test/test_ssl.py", line 145, in
test_parse_cert
self.assertEqual(p['notAfter'], 'Oct 5 23:01:56 2020 GMT')
AssertionError: 'Oct 5 23:01:00 2020 GMT' != 'Oct 5 23:01:56 2020 GMT'
- Oct 5 23:01:00 2020 GMT
? ^^
+ Oct 5 23:01:56 2020 GMT
It's actually an issue in OpenSSL. I'm getting the same result with the openssl
binary:
$ ../openssl/0.9.8i/bin/openssl x509 -text -in
Lib/test/https_svn_python_org_root.pem | grep GMT
Not Before: Mar 30 12:29:00 2003 GMT
Not After : Mar 29 12:29:00 2033 GMT
$ ../openssl/0.9.8y/bin/openssl x509 -text -in
Lib/test/https_svn_python_org_root.pem | grep GMT
Not Before: Mar 30 12:29:49 2003 GMT
Not After : Mar 29 12:29:49 2033 GMT
I'd like to modify the test for a well-defined set of errnous OpenSSL versions.
----------
components: Extension Modules
messages: 191099
nosy: christian.heimes, pitrou
priority: normal
severity: normal
status: open
title: OpenSSL may ignore seconds in notAfter
versions: Python 3.4
_______________________________________
Python tracker <[email protected]>
<http://bugs.python.org/issue18207>
_______________________________________
_______________________________________________
Python-bugs-list mailing list
Unsubscribe:
http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
